Network Layer - Central Washington University€¦ · · 2017-05-04Design Issues •...
Transcript of Network Layer - Central Washington University€¦ · · 2017-05-04Design Issues •...
Network LayerChapter 5
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
• Design Issues
• Routing Algorithms
• Congestion Control
• Quality of Service
• Internetworking
• Network Layer of the Internet
Revised: August 2011
The Network Layer
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Responsible for delivering packets
between endpoints over multiple
links
Network Layer is the lowest layer in
the OSI Reference Model that deals
with end-to-end transmission.
It provides services to the Transport
Layer.
Physical
Link
Network
Transport
Application
Design Issues
• Store-and-forward packet switching »
• Connectionless service – datagrams »
• Connection-oriented service – virtual circuits »
• Comparison of virtual-circuits and datagrams »
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Store-and-Forward Packet Switching
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Hosts send packets into the network; packets are
forwarded by routers
ISP’s equipment
Questions: If P1 on Host H1 is sending a message to P2 on H2, for the packet at Host H1:
• What is the destination address for the packet’s network layer?
• What is the destination address for the packet’s data link layer?
Connectionless Service – Datagrams
Packet is forwarded using destination address inside it
• Different packets may take different paths
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
ISP’s equipment
A’s table (initially) A’s table (later) C’s Table E’s Table
Dest. Line
5
Connection-Oriented – Virtual Circuits
Packet is forwarded along a virtual circuit using tag inside it
• Virtual circuit (VC) is set up ahead of time
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
ISP’s equipment
A’s table C’s Table E’s Table
In: Line Tag Line Tag: Out
Question: For the Internet Protocol Suite, is there ANY connection-oriented protocol
at the Network Layer whatsoever? 6
CONS in the Internet
In addition to telephony, Tannenbaum argues that there are at least two
other examples of connection-oriented protocols in the Internet:
1. MultiProtocol Label Switching (MPLS) – see pages 471-
474
2. Virtual LANS (VLANs) – see pages 342-349
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Question: Are any of these
three Network Layer protocols
within the Internet
Protocol Suite?
7
Comparison of Virtual-Circuits & Datagrams
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
8
Routing Algorithms (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Routing logically comprises two processes:
1. Forwarding: processing arriving packets by looking up appropriate outgoing link to use from routing tables
2. Filling in and updating the routing tables. This is where routing algorithms occur.
• Optimality principle »
• Shortest path algorithm »
• Flooding »
• Distance vector routing »
• Link state routing »
• Hierarchical routing »
• Broadcast routing »
• Multicast routing »
• Anycast routing »
• Routing for mobile hosts »
• Routing in ad hoc networks »
Routing Algorithms
Routing Algorithms (2)
Routing is the process of discovering network paths
• Model the network as a graph of nodes and links
• Decide what to optimize (e.g., fairness vs efficiency)
• Update routes for changes in topology (e.g., failures)
Forwarding is the sending of packets along a path
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Fairness Example where
vertical Comms saturatehorizontal links.
10
The Optimality Principle
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Each portion of a best path is also a best path; the
union of them to a router is a tree called the sink tree
• Best means fewest hops in the example
Network Sink tree of best paths to router B
B
The goal of all routing algorithms is to discover and use either sink trees or Directed
Acyclic Graphs (DAG) to eliminate routing loops for all routers. DAGs are like sink trees
except they allow all non-looping possible paths to be chosen in graphs.
Shortest Path Algorithm (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Shortest path selects the most efficient path through a graph in terms of a
specific metric used by that Autonomous System (AS, e.g., number hops,
distance, latency, bandwidth, average delay, comm cost, measured delay).
Dijkstra’s algorithm computes a sink tree on the graph:
• Each link is assigned a non-negative weight/distance
• Shortest path is the one with lowest total weight
• Using weights of 1 gives paths with fewest hops
Algorithm:
• Start with sink, set distance at other nodes to infinity
• Relax (i.e., evaluate) distance to adjacent nodes
• Pick the lowest adjacent distance node, add it to sink tree
• Repeat until all nodes are in the sink tree
Shortest Path Algorithm (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
A weighted, undirected graph of a network and the first five steps in
computing the shortest paths from A to D. Pink arrows show the sink tree
so far. Note: Dijkstra’s Algorithm == Shortest Path Algorithm
Start
at Sink
and compute
backwards
Labels =
(distance, path)
13
Shortest Path Algorithm (3)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
. . .
. . .
Start with the sink,
all other nodes are
unreachable
Relaxation step.
Lower distance to
nodes linked to
newest member of
the sink tree
14
Shortest Path Algorithm (4)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
. . .
Find the lowest
distance, add it to
the sink tree, and
repeat until done
15
Flooding
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Flooding is SOLEY used by routing protocols at the IP Layer. For example,
it is used by the Protocol Independent Multicast – Dense Mode (PIM-DM)
routing protocol (i.e., flood and prune to create multicast paths). Flooding is
NOT a service that is available to end users.
A simple method to send a packet to all network nodes
Each node floods a new packet received on an
incoming link by sending it out all of the other links
Nodes need to keep track of flooded packets to stop the
flood; even using a hop limit can blow up exponentially
Distance Vector Routing (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
The Border Gateway Protocol (BGP) uses distance vector routing. BGP is
the Inter-Domain Routing Protocol used by the Internet (i.e., the protocol
used to route between Autonomous Systems (AS)).
Distance Vector Routing uses the Bellman-Ford routing algorithm.
Distance vector is a distributed routing algorithm
• Shortest path computation is split across nodes (each
router maintains its own routing table giving the best known distance
(and link to use) to every router in the network).
Algorithm:
• Each node knows distance of links to its neighbors
• Each node advertises vector of lowest known
distances to all neighbors
• Each node uses received vectors to update its own
• Repeat periodically
Distance Vector Routing (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Network
Vectors received at J from
Neighbors A, I, H and K
New vector
for J
18
The Count-to-Infinity Problem
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Distance Vector (DV) algorithm has a convergence issue in that it can
converge to a correct routing map slowly because it reacts rapidly to good
news but leisurely to bad news
Failures can cause DV to “count to infinity” while
seeking a path to an unreachable node
Good news of a path
to A spreads quickly
X
Bad news of no path to A
is learned slowly
Router A is 4 routers away from
Router E. The example is in terms
of the implications to Router’s
routing entry for A and metric is routing hops.
System not
know only path
is thru B, B thinks
there is a path
thru C
B knows it has
no link to A so
it chooses one
of its neighbors
that is 3 hops
away
Link State Routing (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Link state routing is often used for intra-domain routing protocols such as
IS-IS and OSPF. These routing protocols are used for routing within an AS.
Link state is an alternative to distance vector
• More computation but simpler dynamics
• Widely used in the Internet (OSPF, ISIS)
Algorithm:
• Each node floods information about its neighbors in
LSPs (Link State Packets); all nodes learn the full
network graph with identical view of network
topology
• Each node runs Dijkstra’s algorithm to compute the
path to take from itself to each destination
Link State Routing (2) – LSPs
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
LSP (Link State Packet) for a node lists neighbors and
weights of links to reach them
Network LSP for each node1. When a router is booted, it learns who its neighbors are by sending a Hello packet
via each of its NICs. Adjacent router replies giving its names.
• Routers on Broadcast LANs select a designated router to reply for the LAN – LANs
are therefore treated as if it were a single node.
2. Each link has the same distance or cost metric. Delay can be determined by ECHOpackets for systems that use delay as a metric.
3. Link State Packets (LSP – see above) are then constructed
4. Routers flood their LSP to all routers in the system. Age field decremented once per
second and packet discarded once age hits zero
Sender ID
Sequence #
Age
List neighbor
and cost
Link State Routing (3) – Reliable Flooding
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Seq. number and age are used for reliable flooding
• New LSPs are acknowledged on the lines they are
received and sent on all other lines
• Example shows the packet buffer for router B
One row of the database is used for each recently arrived but not as
yet fully processed LSP. 1 in Send flag indicates the link that info needs to be
sent on and 1 in ACK indicates where receipt of info needs to be ack to.
5. Next step is to have each node locally run the Dijkstra Algorithm on the
received info. Therefore, possible that different directions of same path might have different costs.
E info arrived twice: EAB and EFB
Hierarchical RoutingRouting tables grow as networks grow which may cause issues. HR divides routers
into regions for 2-level hierarchies; 3-level or more possible.• Kamoun and Kleinrock – optimal number of levels for N router network is ln N
Hierarchical routing reduces the work of route computation but
may result in slightly longer paths than flat routing
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Best choice to
reach nodes in 5
except for 5C
23
Tannenbaum’s Use of “Broadcast” at the
NW Layer• Tannenbaum confusingly uses “broadcast” to describe how routers
support Multicast (MC).
• Broadcast is NOT a service available to the end user at the network
layer within the Internet protocol suite.
• Routing Algorithms support Multicast via two alternative methods:
1. Flood packets and then prune back to create a spanning tree
2. Create a spanning tree from a common root location, known as
Core Based Trees
• Routing forwarding for MC may use Reverse Path Forwarding (RPF)
• End users (including applications) have 3 service alternative choices
at the Network Layer:
1. Unicast
2. Multicast
3. Anycast.CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
24
Broadcast RoutingBroadcast sends a packet to all nodes simultaneously
• RPF (Reverse Path Forwarding): send broadcast received on the link to
the source out all remaining links
− When a MC packet arrives at a router, the router checks the reverse path of
packet to see if it is normally used to send MC packets. If router finds a
matching routing entry for source IP addr, the RPF check passes and the packet is forwarded to all other interfaces of that MC group otherwise the
packet is dropped. RPF can be used by distance vector routing systems
• Alternatively, can build and use sink trees (using link state) at all nodes
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Network Sink tree for I is
efficient broadcastRPF from I is larger than
sink tree25
Multicast Routing (1)
Multicast sends to a subset of the nodes called a group
• Uses a different tree for each group and source
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Network with groups 1 & 2 Spanning tree from source S
S
SS
Multicast tree from S to group 1 Multicast tree from S to group 226
Multicast Routing (2) – Sparse Case
CBT (Core-Based Tree) uses a single tree to multicast
• Tree is the sink tree from core node to group members
• Multicast heads to the core until it reaches the CBT
p 1.
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Sink tree from core to group 1 Multicast is send to the core then
down when it reaches the sink tree
27Used by PIM-SM
Anycast Routing
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Anycast can be used by services – packet sent to the nearest member of a
group (the group all use the same well-known IP address). E.g., DNS
Anycast sends a packet to one (nearest) group member
• Falls out of regular routing with a node in many places
− Distance vector will send packet to shortest path of that addr
− Link state distinguishes between routers and host. It also can resolve anycast addr as long as Anycast nodes are in different parts of the
network from each other (e.g., in different network areas, ASes).
Anycast routes to group 1 Apparent topology of
sink tree to “node” 1Example pretends that 1 is a valid IP address
Mobility
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Routers, data links, applications, and humans may have a
different concept of what “mobility” is.
• Humans think “mobility” means changing locations.
• Networks only think “mobility” exists when the same IP
address is used outside of its normal topological
location. (Recall “Keys to Kingdom” lecture that IP addresses are
locators, not identifiers.)
• Consider:• User moves within a satellite’s “beam” is not considered mobile from
satellite’s perspective even if it is a move over a substantial
geographical distance
• User moves within the cell phone system is handled by cell protocols –
not considered mobility from IP’s perspective• User moves between wi-fi (IEEE 802.11) hotspots. From IP’s perspective:
− Not mobility if user gets a new IP address at that new hotspot
− Is mobility if user doesn’t get a new IP address at that new hotspot (but it probably will in order to use that wireless LAN)
• Mobility from an Application Layer perspective (e.g., DNS)− This is where Mobile IP is used because the retrieved IP address is a locator, not an ID
Routing for Mobile HostsMobile IP – for many apps (VoIP, VPN) sudden changes of IP addr cause problems.
The Mobile IP protocol is often used when users carry mobile devices across multiple
LAN subnets (e.g., IP over DVB, WLAN, WIMAX, BWA)
Mobile hosts can be reached via a home agent
• Fixed home agent tunnels packets to reach the mobile host; reply can
optimize path for subsequent packets
• No changes to routers or fixed hosts
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
30
Routing in Ad Hoc Networks
The network topology changes as wireless nodes move
• Routes are often made on demand, e.g., AODV (below)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
A’s broadcast
reaches B & D
B’s and D’s
broadcast
reach C, F & G
C’s, F’s and G’s
broadcast
reach H & I
A’s starts to
find route to I
31
Congestion Control (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Congestion causes packet delay and loss that degrades performance.
Handling congestion is the responsibility of the
Network and Transport layers working together
− We look at the Network portion here
• Traffic-aware routing » Section 5.3.2 in textbook
• Admission control » Section 5.3.3 in textbook
• Traffic throttling » Section 5.3.4 in textbook
• Load shedding » Section 5.3.5 in textbook
Timescales of approaches to congestion control.
Congestion Control (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Congestion results when too much traffic is offered;
performance degrades due to loss/retransmissions
• Goodput (=useful packets) trails offered load
Congestion Control (3) – Approaches
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Network must do its best with the offered load
• Different approaches at different timescales
• Nodes should also reduce offered load (Transport)
Provisioning – network deployment
Traffic Aware – e.g., splitting traffic across multiple paths
Admission Control – decrease network load (i.e., traffic entering the network)
Traffic Throttling – e.g., explicit congestion notification (ECN)
Load Shedding – packet drop approaches and algorithms
Traffic-Aware Routing
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Shifting traffic away from congested regions by setting the link weight to be a
function of the link bandwidth and propagation delay plus the (variable) measured
load or queuing delay. Least weight paths favor paths that are more lightly
loaded. Rarely done today, preferring traffic engineering1 (TE) instead (e.g., QoS).
Choose routes depending on traffic, not just topology
• E.g., use EI link for West-to-East traffic if CF is loaded
• But take care to avoid oscillations (i.e., convergence issues)
1TE done outside
of routing
protocols
Admission ControlApproach widely used in virtual-circuit nets (e.g., CONS, telephony).
Admission control allows a new traffic load only if the
network has sufficient capacity, e.g., with virtual circuits
• Can combine with looking for an uncongested route
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Network with some
congested nodes
Uncongested portion and
route AB around congestion
36
Traffic Throttling
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Network aims to operate just before the onset of congestion. Requires (1) routers
must be able to discern when congestion is (about to) occur (e.g., queueing delay)
and (2) routers must be able to deliver timely feedback to senders to throttle back
rate
Congested routers signal hosts to slow down traffic
• ECN (Explicit Congestion Notification) marks packets and
receiver returns signal to sender− Routers set the 2 ECN bits in IP packet header signals that router is
experiencing congestion. Destination echoes this back to sender in reply
» ECN bits are the 2 least significant (rightmost) bit in DiffServ field in IP header
» In TCP, echo reply is indicated using ECE bit of TCP header – sender then knows
to throttles back packet rate at the TRANSPORT Layer
Load Shedding (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
When all else fails, network
will drop packets (shed load)
• E.g., Random Early Detection
(RED) – drop packets when they
exceed a threshold like adv queue
length
Choke notification can be
done end-to-end or link-by-
link • E2E – source quench (e.g., at
TCP)
• LbL – routers start throttling once
get a choke packet
Link-by-link (right) produces
rapid relief but requires larger
buffering capability by intermediate routers
1
3
2
4
5
Link-by-link backpressure
Load Shedding (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
End-to-end (right) takes
longer to have an effect,
but can better target the
cause of congestion
1
3
2
7
5
6
4
End-to-End backpressure
Quality of Service
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
• Application requirements »
• Traffic shaping »
• Packet scheduling »
• Admission control »
• Integrated services »
• Differentiated services »
Application Requirements (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Different applications care about different properties
• We want all applications to get what they need
.
“High” means a demanding requirement, e.g., low delay
Application Requirements (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
QoS is part of the routing policy decisions of an Autonomous System
(AS). Routers within an AS are configured to reflect the policies of that
specific AS. QoS provides an optional mechanism for routers to tailor
their behavior based upon the differing needs of specific applications.
Network provides service with different kinds of QoS
(Quality of Service) to meet application requirements
Network Service Application
Constant bit rate Telephony
Real-time variable bit rate Videoconferencing
Non-real-time variable bit rate Streaming a movie
Available bit rate File transfer
Example of QoS categories from ATM networks
Traffic Shaping (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Traffic shaping regulates the
average rate and burstiness of a
flow of data entering the network
• Enables ASes to be able to make
Service Level Agreement SLA
“guarantees”
• For example, packets in excess of the
agreed upon pattern might be
dropped by the network or marked as
having a lower priority
• Traffic Policing = monitoring Traffic
Flow
• 2 common algorithms (leaky bucket, token bucket; see next slides) alternatively are
used to the limit the long term rate of a
flow but allow short term bursts up to a
max regulated length
Shape
traffic
here
Traffic shaping regulates
the offered traffic to a
network.
Traffic Shaping (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Token/Leaky bucket algorithms limits both the average rate
(R) and short-term burst (B) of traffic
• Leaky bucket algorithm – No matter what rate the packets enter the
bucket, the outflow is at a constant rate (R) or less
• Token bucket algorithm – to send a packet must be able to take tokens
out of bucket. No more than a fixed # of tokens (B) can accumulate in bucket.
• For token, bucket size is B, water enters at rate R and is removed to
send; opposite for leaky.
Leaky bucket
(need not full to send)Token bucket
(need some water to send)
to send
to send
Traffic Shaping (3) Figure 5-29 in textbook
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Shaped by
R=200 Mbps
B=9600 KB
Shaped by
R=200 Mbps
B=0 KB
Host traffic
R=200 Mbps
B=16000 KB
Smaller bucket size delays traffic and reduces burstiness45
Bursty traffic
Token Bucket
Token Bucket
Using a Token Bucket algorithm; a-c shows traffic shaping results of different R and
B Token Bucket configs and d-f shows corresponding Token Bucket status
R = Token Arrival rate; B = Token Bucket capacity
Traffic queued on host for release into
net, always a packet waiting to be sent
when allowed
Packet Scheduling (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Packet scheduling provides a mechanism for net admins of an AS to
reserve resources for certain types of traffic (“flows”). Resources can be
bandwidth, buffer space, and/or CPU cycles.
Packet scheduling divides router/link resources among
traffic flows with alternatives to FIFO (First In First Out)
Example of round-robin queuing
111
22
333
Packet Scheduling (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
WFQ permits queues to have different rates (i.e., priorities).
Fair Queueing approximates bit-level fairness with
different packet sizes; weights change target levels
• Result is WFQ (Weighted Fair Queueing)
Packets may be sent
out of arrival order
Finish virtual times determine
transmission order
Fi = max(Ai, Fi-1) + Li/W
Overview: 2 Different Protocols for QoS
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
2 QoS approaches supported by IP routers:
1. DiffServ – per hop mechanism offering better scalability;
uses ECN and DiffServ field in IP header− Question: Who knows what “per hop” means?
2. IntServ – Tighter E2E QoS mechanism for real time traffic
for specific flows that are established using RSVP
Cisco: The 2 approaches are complementary and NOT
mutually exclusive. However, the textbook (Tanenbaum) is oriented to
IntServ.
Instructor’s experience: Never encountered a deployment that
didn’t support DiffServ but have encountered many devices /
deployments that could not support IntServ. During
instructor’s career IntServ has been experimental while
DiffServ has been mature. » Question: What is the practical difference between experimental and mature?
Admission Control (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
QoS “guarantees” are established through the process of admission
control. Admission Control is a necessary part of IntServ QoS.
Admission control takes a traffic flow specification and
decides whether the network can carry it− By contrast, DiffServ is best effort – admission control is solely to ensure
the customer’s DiffServ labels on packets are appropriate for contractual
service level agreements (policing)
• Sets up packet scheduling to meet QoS
Example flow specification for IntServ
• Token bucket for max sustained rate
• Token bucket for largest burst rate
• Max transmission rate tolerated
• Packet sizes reflect processing
overheads supported
Admission Control (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Example showing the Parekh and Gallagher method to relate flow
specifications to router resources for IntServ
Construction to guarantee bandwidth B and delay D:− “Guarantee” accomplished by setting a high enough R,B weight to
support the flow
• Shape traffic source to a (R, B) token bucket− R = average rate; B = Burst
• Run WFQ with weight W / all weights > R/capacity
• Holds for all traffic patterns, all topologies
Integrated Services (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Design with QoS for each flow; handles multicast traffic.
Admission with RSVP (Resource reSerVation Protocol):
• Receiver sends a request back to the sender
• Each router along the way reserves resources
• Routers merge multiple requests for same flow
• Entire path is set up, or reservation not made
Integrated Services (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
R3 reserves flow
from S1R3 reserves flow
from S2
R5 reserves flow from S1;
merged with R3 at H
Merge
52
Differentiated Services (1)
Design with classes of QoS (done on a router-by-router level though
configuring per hop behaviors (PHB) for DiffServ field of IP header);
customers buy what they want through “service level
agreements”
• Expedited class is sent in preference to regular class− PHB given preferential treatment
• Less expedited traffic but better quality for applications
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011 53
Differentiated Services (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Implementation of DiffServ:
• Classifier – e.g., Customers mark desired PHB class on DiffServ field
of IP packet
• Policer – Ingress router ensures the classification in line with service
level agreement (i.e., markings have been paid for)
• ISP shapes traffic (priority/drop/queueing configs) according to how it implemented (configured) the PHP in its AS− For example, Routers use WFQ to give different service levels
Possible implementation of Assured Forwarding
Internetworking
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
The word “network” may mean several very different things in data
communications (e.g., network layer, AS = network). Here the
meaning is data link – networks in this section refer to differences
between different kinds of data link layer protocols. IP regularizes and
hides these differences from the Transport Layer, which is the layer it provides services for.
Internetworking joins multiple, different networks
into a single larger network
• How networks differ »
• How networks can be connected »
• Tunneling »
• Internetwork routing »
• Packet fragmentation »
How Networks Differ
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
The network layer (IP) handles potentially substantial differences between
underlying data links. These differences are not apparent to higher layers –
this is part of the network layer’s service to the transport layer.
Differences can be large; complicates internetworking
How Networks Can Be Connected
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Internetworking based on a common network layer – IP
Packet mapped
to a VC here
Common protocol (IP)
carried all the way
Tunneling (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Connects two networks through a middle one
• Packets are encapsulates over the middle
Tunneling can also be IPv4 in IPv4 and IPv6 in IPv6
IPsec (IP Security) in tunnel mode
Tunneling (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Tunneling analogy:
• tunnel is a link; packet can only enter/exit at ends
Packet Fragmentation (1)
Links have different packet size limits for many reasons
• Large packets sent with fragmentation & reassembly
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
G1 fragments G2 reassembles
Transparent – packets fragmented / reassembled in each network
Non-transparent – fragments are reassembled at destination
G3 fragments G4 reassembles
G1 fragments… destination
will reassemble
60
Packet Fragmentation (2)
Example of IP-style fragmentation:
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Packet
number
Start
offsetEnd
bit
Original packet:
(10 data bytes)
Fragmented:
(to 8 data bytes)
Re-fragmented:
(to 5 bytes)
61
Packet Fragmentation (3)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Fragmentation is detrimental to performance due to header overheads for
fragmented packets and the whole packet is lost if any fragments are lost.
This is why packets are not fragmented in IPv6 (but they can be in IPv4).
For IPv6, packets are dropped if they are larger than the MTU (Max
Transmission Unit). MTU is a function of routing path (i.e., underlying links). MTU discovery used to learn the MTU for that path.
Path MTU Discovery avoids network fragmentation
1. Each packet sent with header bits set to “no fragmentation”
2. If a router receives a packet that is too large for the link, it generates
an error packet, sends it to the source, and drops the packet.
Try 1200 Try 900
Question: In this example, how many times is the packet sent?
Network Layer in the Internet (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
• IP Version 4 »
• IP Addresses »
• IP Version 6 »
• Internet Control Protocols »
• Label Switching and MPLS »
• OSPF—An Interior Gateway Routing Protocol »
• BGP—The Exterior Gateway Routing Protocol »
• Internet Multicasting »
• Mobile IP »
Network Layer in the Internet (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
IP has been shaped by guiding principles (e.g., RFC
1958):
− Make sure it works
− Keep it simple
− Make clear choices
− Exploit modularity
− Expect heterogeneity
− Avoid static options and parameters
− Look for good design (not perfect)
− Strict sending, tolerant receiving
− Think about scalability
− Consider performance and cost
CS 450’s Second Writing Assignment contrasts bulleted list on pages 436-437
(summarized above) with Noel Chiappa’s Internet-Draft document used in the IPv6
creation process.
Question: Is the rationale
for the entries on this list clear?
Please identify any item that
you don’t know why it is
important.
Network Layer in the Internet (3)Internet is an interconnected collection of many networks
that is held together by the IP protocol
• In the IETF participants often distinguish between 3 distinct ISP roles
• Tier 1, Tier 2, Tier 3
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
65
IP Version 4 Protocol (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
IPv4 (Internet Protocol) header is carried on all packets
and has fields for the key parts of the protocol:
Transmission must be big endian (left to right, high order bit first)
Figure 5-46 on Page 439 of Textbook
IP Addresses (5) – Classful Addressing
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Old (from beginning to mid-1990s) IPv4 addresses came in
blocks of fixed size (A, B, C)
• Carries size within the address, but lacks flexibility
• Called classful (vs. classless) addressing
Remember: IPv4 addresses are 32 bits; written as period denominated octets in decimal
IP Addresses (1) – Prefixes
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Classless InterDomain Routing (CIDR) addresses (RFC 4632) have been
used from the mid-1990s on.
Addresses are allocated in blocks called prefixes
• Prefix is the network portion (routing topology locator)
• Host – identifies a specific network interface within
that subnetwork
• Written: address/length, e.g., 18.0.31.0/24
Subnetwork mask for this example is 255.255.255.0
Question: what is a subnetwork mask?
/ is pronounced “slash”
IP Addresses (2) – Subnets
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Subnetting splits up IP prefix to help with management
• Looks like a single prefix outside the network
Network divides into subnets internally
ISP gives network
a single prefix
Small entities get their IP addresses from their ISP
• Change ISP, then IP addresses also change
Larger entities get their IP addresses from a registrar
• Larger entities own their IP addresses
IP Addresses (3) – Aggregation
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Aggregation joins multiple IP prefixes into a single larger
prefix to reduce routing table size• CIDR key element for Internet’s scalability due to aggregation
• Consider the implication to aggregation of the old stateful IPv4 addresses− This example only considers CIDR addresses
ISP’s customers have prefixes with larger slash #s (thus fewer addresses)
ISP advertises
a single prefix
Cambridge: 11000000.00011000.00000 plus 211 host addr
Oxford: 11000000.00011000.0001 plus 212 host addr
Edinburgh: 11000000.00011000.000010 plus 210 host addr
Question: How many
host addr are really
in each subnetwork
in this example?
IP Addresses (4) – Longest Matching Prefix
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Packets are forwarded to the entry with the longest matching
prefix (i.e., higher slash number) == smallest address block
• Complicates forwarding but adds flexibility
Main prefix goes
this way
Except for
this part!
Longest Matching Prefix forwarding explains how anycast works.
IP Addresses (6) – NAT
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
NAT (Network Address Translation) box maps one
external IP address to many internal IP addresses
• Uses TCP/UDP port to tell connections apart
• Violates layering; very common in homes, etc.
IP Version 6 (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Major upgrade in the 1990s due to impending address
exhaustion, with various other goals:
− Support billions of hosts
− Reduce routing table size
− Simplify protocol
− Better security
− Attention to type of service
− Aid multicasting
− Roaming host without changing address
− Allow future protocol evolution
− Permit coexistence of old, new protocols, …
Deployment has been slow & painful, but may pick up
pace now that addresses are all but exhausted
IP Version 6 (2 )
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
IPv6 protocol header has much longer addresses (128
vs. 32 bits) and is simpler (by using extension headers)
IP Version 6 (3)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
IPv6 extension headers handles other functionality− Covered in textbook pages 461-463
Internet Control Protocols (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
IP works with the help of several control protocols:
• ICMP is a companion to IP that returns error info
− Required, and used in many ways, e.g., for traceroute, ping
• ARP finds Ethernet address of a local IP address
− Glue that is needed to send any IP packets
− Host queries an address and the owner replies
• DHCP assigns a local IP address to a host
− Gets host started by automatically configuring it
− Host sends request to server, which grants a lease
Internet Control Protocols (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Main ICMP (Internet Control Message Protocol) types:• Incomplete list of ICMP message types given here, complete list
found at http://www.iana.org/assignments/icmp-parameters
Question: If you were making ping or traceroute application,
which ICMP message type(s) would you use?
Internet Control Protocols (3)ARP (Address Resolution Protocol) lets nodes find target
Ethernet addresses [pink] from their IP addresses− Protocol to establish mapping between DL and Network addresses
− MAC broadcast asking “who owns the destination IP address?”
− Off-LAN traffic sent to the local router (i.e., default gateway) for forwarding
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011 78
Label Switching and MPLS (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
MPLS (Multi-Protocol Label Switching) sends packets
along established paths; ISPs can use for QoS
• Path indicated with label below the IP layer
Label Switching and MPLS (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Label added based on IP address on entering an MPLS
network (e.g., ISP) and removed when leaving it
• Forwarding only uses label inside MPLS network
OSPF— Interior Routing Protocol (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
OSPF computes routes for a single network (e.g., ISP)• Models network as a graph of weighted edges
• Intra-Domain Routing; Uses Link State algorithm (textbook pages
373 – 378)
Network:
Graph:
Broadcast LAN is
modeled as if it were a
well-connected node
(one designated router
IDed per LAN)
3
OSPF— Interior Routing Protocol (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
OSPF optionally divides one large network
(Autonomous System) into areas connected to a
backbone area• Helps to scale; summaries go over area borders
OSPF— Interior Routing Protocol (3)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
OSPF (Open Shortest Path First) is link-state routing:
• Uses messages below to reliably flood topology
• Then runs Dijkstra to compute routes
BGP— Exterior Routing Protocol (1)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
BGP (Border Gateway Protocol) computes routes across
interconnected, autonomous networks• Internet’s Inter-Domain Routing Protocol
• Key role is to respect networks’ policy constraints
− Uses the Bellman-Ford algorithm (i.e., distance vector routing described on
pages 370 to 373 of textbook)
• Implements AS’ policy vis-à-vis other networks
− Purposefully few BGP routers for an AS; often collated with Perimeter
defense Firewalls
− BGP connections occur OVER TCP links – Question: what are the implications?
» Pairwise connections formed between specific routers in different ASes
Example policy constraints handled by BGP:− No commercial traffic for educational network
− Never put Iraq on route starting at Pentagon
− Choose cheaper network
− Choose better performing network
− Don’t go from Apple to Google to Apple
BGP— Exterior Routing Protocol (2)
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Common policy distinction is transit vs. peering:
• Transit carries traffic for pay; peers for mutual benefit
• AS1 carries AS2↔AS4 (Transit) but not AS3 (Peer)
BGP— Exterior Routing Protocol (3)BGP propagates messages along policy-compliant routes
− Message: Prefix, AS path, next-hop IP (to send over the local network)
» BGP therefore keeps track of the path used
» Path = next hop router & AS path (seq of ASes to detect loops) that route followed
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 201186
Message:
Internet Multicasting
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
Groups have a reserved IP address range (class D)
• Membership in a group handled by IGMP (Internet
Group Management Protocol) that runs at routers
Routes computed by protocols such as PIM (protocol
independent multicast):
• Dense mode uses RPF with pruning (PIM-DM)
• Sparse mode uses core-based trees (PIM-SM)
IP multicasting is not widely used except within a single
network, e.g., datacenter, cable TV network.
Mobile IP
Mobile hosts can be reached at fixed IP via a home agent
• Home agent tunnels packets to reach the mobile host;
reply can optimize path for subsequent packets
• No changes to routers or fixed hosts
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011
88
End
Chapter 5
CN5E by Tanenbaum & Wetherall, © Pearson Education-Prentice Hall and D. Wetherall, 2011